The Tor Browser / file comparison
comparison: mobile/android/base/browserid/MockMyIDTokenFactory.java
mobile/android/base/browserid/MockMyIDTokenFactory.java
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:0677a81b0ed5 |
|---|---|
| 1 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 2 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 4 | |
| 5 package org.mozilla.gecko.browserid; | |
| 6 | |
| 7 import java.math.BigInteger; | |
| 8 import java.security.NoSuchAlgorithmException; | |
| 9 import java.security.spec.InvalidKeySpecException; | |
| 10 | |
| 11 /** | |
| 12 * Generate certificates and assertions backed by mockmyid.com's private key. | |
| 13 * <p> | |
| 14 * These artifacts are for testing only. | |
| 15 */ | |
| 16 public class MockMyIDTokenFactory { | |
| 17 public static final BigInteger MOCKMYID_x = new BigInteger("385cb3509f086e110c5e24bdd395a84b335a09ae", 16); | |
| 18 public static final BigInteger MOCKMYID_y = new BigInteger("738ec929b559b604a232a9b55a5295afc368063bb9c20fac4e53a74970a4db7956d48e4c7ed523405f629b4cc83062f13029c4d615bbacb8b97f5e56f0c7ac9bc1d4e23809889fa061425c984061fca1826040c399715ce7ed385c4dd0d402256912451e03452d3c961614eb458f188e3e8d2782916c43dbe2e571251ce38262", 16); | |
| 19 public static final BigInteger MOCKMYID_p = new BigInteger("ff600483db6abfc5b45eab78594b3533d550d9f1bf2a992a7a8daa6dc34f8045ad4e6e0c429d334eeeaaefd7e23d4810be00e4cc1492cba325ba81ff2d5a5b305a8d17eb3bf4a06a349d392e00d329744a5179380344e82a18c47933438f891e22aeef812d69c8f75e326cb70ea000c3f776dfdbd604638c2ef717fc26d02e17", 16); | |
| 20 public static final BigInteger MOCKMYID_q = new BigInteger("e21e04f911d1ed7991008ecaab3bf775984309c3", 16); | |
| 21 public static final BigInteger MOCKMYID_g = new BigInteger("c52a4a0ff3b7e61fdf1867ce84138369a6154f4afa92966e3c827e25cfa6cf508b90e5de419e1337e07a2e9e2a3cd5dea704d175f8ebf6af397d69e110b96afb17c7a03259329e4829b0d03bbc7896b15b4ade53e130858cc34d96269aa89041f409136c7242a38895c9d5bccad4f389af1d7a4bd1398bd072dffa896233397a", 16); | |
| 22 | |
| 23 // Computed lazily by static <code>getMockMyIDPrivateKey</code>. | |
| 24 protected static SigningPrivateKey cachedMockMyIDPrivateKey = null; | |
| 25 | |
| 26 public static SigningPrivateKey getMockMyIDPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException { | |
| 27 if (cachedMockMyIDPrivateKey == null) { | |
| 28 cachedMockMyIDPrivateKey = DSACryptoImplementation.createPrivateKey(MOCKMYID_x, MOCKMYID_p, MOCKMYID_q, MOCKMYID_g); | |
| 29 } | |
| 30 return cachedMockMyIDPrivateKey; | |
| 31 } | |
| 32 | |
| 33 /** | |
| 34 * Sign a public key asserting ownership of username@mockmyid.com with | |
| 35 * mockmyid.com's private key. | |
| 36 * | |
| 37 * @param publicKeyToSign | |
| 38 * public key to sign. | |
| 39 * @param username | |
| 40 * sign username@mockmyid.com | |
| 41 * @param issuedAt | |
| 42 * timestamp for certificate, in milliseconds since the epoch. | |
| 43 * @param expiresAt | |
| 44 * expiration timestamp for certificate, in milliseconds since the epoch. | |
| 45 * @return encoded certificate string. | |
| 46 * @throws Exception | |
| 47 */ | |
| 48 public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, String username, | |
| 49 final long issuedAt, final long expiresAt) | |
| 50 throws Exception { | |
| 51 if (!username.endsWith("@mockmyid.com")) { | |
| 52 username = username + "@mockmyid.com"; | |
| 53 } | |
| 54 SigningPrivateKey mockMyIdPrivateKey = getMockMyIDPrivateKey(); | |
| 55 return JSONWebTokenUtils.createCertificate(publicKeyToSign, username, "mockmyid.com", issuedAt, expiresAt, mockMyIdPrivateKey); | |
| 56 } | |
| 57 | |
| 58 /** | |
| 59 * Sign a public key asserting ownership of username@mockmyid.com with | |
| 60 * mockmyid.com's private key. | |
| 61 * | |
| 62 * @param publicKeyToSign | |
| 63 * public key to sign. | |
| 64 * @param username | |
| 65 * sign username@mockmyid.com | |
| 66 * @return encoded certificate string. | |
| 67 * @throws Exception | |
| 68 */ | |
| 69 public String createMockMyIDCertificate(final VerifyingPublicKey publicKeyToSign, final String username) | |
| 70 throws Exception { | |
| 71 long ciat = System.currentTimeMillis(); | |
| 72 long cexp = ciat + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS; | |
| 73 return createMockMyIDCertificate(publicKeyToSign, username, ciat, cexp); | |
| 74 } | |
| 75 | |
| 76 /** | |
| 77 * Generate an assertion asserting ownership of username@mockmyid.com to a | |
| 78 * relying party. The underlying certificate is signed by mockymid.com's | |
| 79 * private key. | |
| 80 * | |
| 81 * @param keyPair | |
| 82 * to sign with. | |
| 83 * @param username | |
| 84 * sign username@mockmyid.com. | |
| 85 * @param certificateIssuedAt | |
| 86 * timestamp for certificate, in milliseconds since the epoch. | |
| 87 * @param certificateExpiresAt | |
| 88 * expiration timestamp for certificate, in milliseconds since the epoch. | |
| 89 * @param assertionIssuedAt | |
| 90 * timestamp for assertion, in milliseconds since the epoch; if null, | |
| 91 * no timestamp is included. | |
| 92 * @param assertionExpiresAt | |
| 93 * expiration timestamp for assertion, in milliseconds since the epoch. | |
| 94 * @return encoded assertion string. | |
| 95 * @throws Exception | |
| 96 */ | |
| 97 public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience, | |
| 98 long certificateIssuedAt, long certificateExpiresAt, | |
| 99 Long assertionIssuedAt, long assertionExpiresAt) | |
| 100 throws Exception { | |
| 101 String certificate = createMockMyIDCertificate(keyPair.getPublic(), username, | |
| 102 certificateIssuedAt, certificateExpiresAt); | |
| 103 return JSONWebTokenUtils.createAssertion(keyPair.getPrivate(), certificate, audience, | |
| 104 JSONWebTokenUtils.DEFAULT_ASSERTION_ISSUER, assertionIssuedAt, assertionExpiresAt); | |
| 105 } | |
| 106 | |
| 107 /** | |
| 108 * Generate an assertion asserting ownership of username@mockmyid.com to a | |
| 109 * relying party. The underlying certificate is signed by mockymid.com's | |
| 110 * private key. | |
| 111 * | |
| 112 * @param keyPair | |
| 113 * to sign with. | |
| 114 * @param username | |
| 115 * sign username@mockmyid.com. | |
| 116 * @return encoded assertion string. | |
| 117 * @throws Exception | |
| 118 */ | |
| 119 public String createMockMyIDAssertion(BrowserIDKeyPair keyPair, String username, String audience) | |
| 120 throws Exception { | |
| 121 long ciat = System.currentTimeMillis(); | |
| 122 long cexp = ciat + JSONWebTokenUtils.DEFAULT_CERTIFICATE_DURATION_IN_MILLISECONDS; | |
| 123 long aiat = ciat + 1; | |
| 124 long aexp = aiat + JSONWebTokenUtils.DEFAULT_ASSERTION_DURATION_IN_MILLISECONDS; | |
| 125 return createMockMyIDAssertion(keyPair, username, audience, | |
| 126 ciat, cexp, aiat, aexp); | |
| 127 } | |
| 128 } |
